Key Responsibilities
- Conduct cyber risk assessment for assigned cyber security audit and advisory assignments.
- Perform independent threat and vulnerability assessment and penetration test audits of the bank’s ICT systems to assess the effectiveness of the cybersecurity control framework and report on cyber risks noted.
- Serve as an objective and independent advisor to business functions by providing assurance that cyber security operations and processes conform to current KCB group policies and procedures, regulatory requirements, and applicable legislation.
- Conduct walkthroughs, test controls, and negotiate potential issues for Technology audits within the cybersecurity and infrastructure portfolio, including scope areas such as identity and access management, asset classification, network security, operating system security, database security, web application security, mobile application security, public cloud (AWS/GCP/Azure) environments, vulnerability management, endpoint protection, etc.
- Identify and evaluate significant cyber security risk exposures and contribute to the improvement of technology risk management and control systems.
- Ensure cyber security audits are performed in accordance with the International Professional Practices Framework (IPPF) and the bank’s internal audit methodology.
- Document the results of audit work in accordance with internal audit guidelines and the Institute of Internal Auditors (IIA) standards.
- Maintain respectful and effective communications and relationships with key stakeholders before, during and after audit assignments to ensure alignment of audit objectives to Bank strategy.
- Follow up on the implementation of audit recommendations, identifying and reporting any gaps that may derail implementation of audit recommendations.
- Keep the organisation updated on cyber security industry trends, regulatory changes, and best practices in internal auditing as well as developments in the Banking industry and business environments that would inform the quality of the audit and quality assurance.
Qualifications
Bachelor’s Degree in Information Technology, Electrical Engineering, Computer Science
How to Apply